Hi, I have to create tunnel between server and client. Client have proxy configured in between. So i use below in /etc/stunnel/stunnel.config. User name and password is correct pid = /var/run/stunnel.pid cert = /home/client.crt key = /home/client.key options = NO_SSLv2 debug = 7 output = /var/log/stunnel4/stunnel.log client = yes CAfile=/home/**chain.pem verify=2 [test] protocol = connect accept = 127.0.0.1:10000 protocolHost = host.vmj.com:443 connect = <PROXYIP>:<PROXY port> protocolUsername = vmj.com\user1 protocolPassword = VMJTEST!123 protocolAuthentication = NTLM In stunnel.log, i can see below error 2019.02.28 18:36:50 LOG6[2103:140737354032896]: Client-mode connect protocol negotiations started 2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> CONNECT host.vmj.com:443 HTTP/1.1 2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> Host: host.vmj.com:443 2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> Proxy-Connection: keep-alive 2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> Proxy-Authorization: NTLM TlRMTVNTUAABAAAAAgIAAA== 2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- HTTP/1.1 407 Proxy Authentication Required 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Server: squid/3.3.8 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Mime-Version: 1.0 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Date: Thu, 28 Feb 2019 18:36:33 GMT 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Content-Type: text/html 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Content-Length: 3285 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Vary: Accept-Language 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Content-Language: en 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAADgAAAACAgACueAMGSlaSZ0AAAAAAAAAAAAAAAA4AAAABgEAAAAAAA8= 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- X-Cache: MISS from squidproxy.vmj.com 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- X-Cache-Lookup: NONE from squidproxy.vmj.com:3128 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Via: 1.1 squidproxy.vmj.com (squid/3.3.8) 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Connection: keep-alive 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- 2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> CONNECT host.vmj.com:443 HTTP/1.1 2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> Host: host.vmj.com:443 2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> Proxy-Authorization: NTLM TlRMTVNTUAADAAAAAAAAAGcAAAAYABgAQAAAAAAAAABnAAAADwAPAFgAAAAAAAAAZwAAAAAAAABnAAAAAgIAAAGbqH5v5ML8msrfm3R1yDBsS+ai3ldihnZybmkuY29tXGJoYXJ0aQ== 2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- HTTP/1.1 407 Proxy Authentication Required 2019.02.28 18:36:50 LOG3[2103:140737354032896]: CONNECT request rejected 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Server: squid/3.3.8 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Mime-Version: 1.0 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Date: Thu, 28 Feb 2019 18:36:33 GMT 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Content-Type: text/html 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Content-Length: 3363 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Vary: Accept-Language 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Content-Language: en 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Proxy-Authenticate: NTLM 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- X-Cache: MISS from squidproxy.vmj.com 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- X-Cache-Lookup: NONE from squidproxy.vmj.com:3128 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Via: 1.1 squidproxy.vmj.com (squid/3.3.8) 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Connection: keep-alive 2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- 2019.02.28 18:36:50 LOG5[2103:140737354032896]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket 2019.02.28 18:36:50 LOG7[2103:140737354032896]: Remote socket (FD=14) closed 2019.02.28 18:36:50 LOG7[2103:140737354032896]: Local socket (FD=3) closed 2019.02.28 18:36:50 LOG7[2103:140737354032896]: Service [test] finished (0 left) If i try with basic authentication it works fine. Its urgent , can some one help me out. Thanks, Vj
Try to split your config username and domain. protocolDomain = vmj.com protocolUsername = user1 On Thu, Feb 28, 2019 at 7:44 PM Vijay Raghavan P <vijairagav210@gmail.com> wrote:
Hi, I have to create tunnel between server and client. Client have proxy configured in between. So i use below in /etc/stunnel/stunnel.config. User name and password is correct
pid = /var/run/stunnel.pid
cert = /home/client.crt
key = /home/client.key
options = NO_SSLv2
debug = 7
output = /var/log/stunnel4/stunnel.log
client = yes
CAfile=/home/**chain.pem
verify=2
[test]
protocol = connect
accept = 127.0.0.1:10000
protocolHost = host.vmj.com:443
connect = <PROXYIP>:<PROXY port>
protocolUsername = vmj.com\user1
protocolPassword = VMJTEST!123
protocolAuthentication = NTLM
In stunnel.log, i can see below error
2019.02.28 18:36:50 LOG6[2103:140737354032896]: Client-mode connect protocol negotiations started
2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> CONNECT host.vmj.com:443 HTTP/1.1
2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> Host: host.vmj.com:443
2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> Proxy-Connection: keep-alive
2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> Proxy-Authorization: NTLM TlRMTVNTUAABAAAAAgIAAA==
2019.02.28 18:36:50 LOG7[2103:140737354032896]: ->
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- HTTP/1.1 407 Proxy Authentication Required
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Server: squid/3.3.8
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Mime-Version: 1.0
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Date: Thu, 28 Feb 2019 18:36:33 GMT
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Content-Type: text/html
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Content-Length: 3285
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Vary: Accept-Language
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Content-Language: en
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAADgAAAACAgACueAMGSlaSZ0AAAAAAAAAAAAAAAA4AAAABgEAAAAAAA8=
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- X-Cache: MISS from squidproxy.vmj.com
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- X-Cache-Lookup: NONE from squidproxy.vmj.com:3128
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Via: 1.1 squidproxy.vmj.com (squid/3.3.8)
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Connection: keep-alive
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <-
2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> CONNECT host.vmj.com:443 HTTP/1.1
2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> Host: host.vmj.com:443
2019.02.28 18:36:50 LOG7[2103:140737354032896]: -> Proxy-Authorization: NTLM TlRMTVNTUAADAAAAAAAAAGcAAAAYABgAQAAAAAAAAABnAAAADwAPAFgAAAAAAAAAZwAAAAAAAABnAAAAAgIAAAGbqH5v5ML8msrfm3R1yDBsS+ai3ldihnZybmkuY29tXGJoYXJ0aQ==
2019.02.28 18:36:50 LOG7[2103:140737354032896]: ->
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- HTTP/1.1 407 Proxy Authentication Required
2019.02.28 18:36:50 LOG3[2103:140737354032896]: CONNECT request rejected
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Server: squid/3.3.8
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Mime-Version: 1.0
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Date: Thu, 28 Feb 2019 18:36:33 GMT
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Content-Type: text/html
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Content-Length: 3363
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Vary: Accept-Language
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Content-Language: en
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Proxy-Authenticate: NTLM
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- X-Cache: MISS from squidproxy.vmj.com
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- X-Cache-Lookup: NONE from squidproxy.vmj.com:3128
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Via: 1.1 squidproxy.vmj.com (squid/3.3.8)
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <- Connection: keep-alive
2019.02.28 18:36:50 LOG7[2103:140737354032896]: <-
2019.02.28 18:36:50 LOG5[2103:140737354032896]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2019.02.28 18:36:50 LOG7[2103:140737354032896]: Remote socket (FD=14) closed
2019.02.28 18:36:50 LOG7[2103:140737354032896]: Local socket (FD=3) closed
2019.02.28 18:36:50 LOG7[2103:140737354032896]: Service [test] finished (0 left)
If i try with basic authentication it works fine.
Its urgent , can some one help me out.
Thanks,
Vj _______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
participants (2)
-
Flo Rance -
Vijay Raghavan P